forked from extern/shorewall_code
Add CONNBYTES to shorewall-tcrules(5)
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8751 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
30a6728e82
commit
3188a94901
@ -1,4 +1,6 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
|
||||
<refentry>
|
||||
<refmeta>
|
||||
<refentrytitle>shorewall-tcrules</refentrytitle>
|
||||
@ -498,6 +500,52 @@
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">CONNBYTES</emphasis> -
|
||||
[!]<emphasis>min</emphasis>:[<emphasis>max</emphasis>[:{<emphasis
|
||||
role="bold">O</emphasis>|<emphasis role="bold">R</emphasis>|<emphasis
|
||||
role="bold">B</emphasis>}[:{<emphasis
|
||||
role="bold">B</emphasis>|<emphasis role="bold">P</emphasis>|<emphasis
|
||||
role="bold">A</emphasis>}]]] </term>
|
||||
|
||||
<listitem>
|
||||
<para>Connection Bytes; defines a byte or packet range that the
|
||||
connection must fall within in order for the rule to match.</para>
|
||||
|
||||
<para>A packet matches if the the packet/byte count is within the
|
||||
range defined by <emphasis>min</emphasis> and
|
||||
<emphasis>max</emphasis> (unless ! is given in which case, a packet
|
||||
matches if the packet/byte count is not within the range).
|
||||
<emphasis>min</emphasis> is an integer which defines the beginning
|
||||
of the byte/packet range. <emphasis>max</emphasis> is an integer
|
||||
which defines the end of the byte/packet range; if omitted, only the
|
||||
beginning of the range is checked. The first letter gives the
|
||||
direction which the range refers to:<blockquote>
|
||||
<para><emphasis role="bold">O</emphasis> - The original
|
||||
direction of the connection.</para>
|
||||
|
||||
<para><emphasis role="bold">R</emphasis> - The opposite
|
||||
direction from the original connection.</para>
|
||||
|
||||
<para><emphasis role="bold">B</emphasis> - The total of both
|
||||
directions.</para>
|
||||
</blockquote></para>
|
||||
|
||||
<para>If omitted, <emphasis role="bold">B</emphasis> is assumed.
|
||||
</para>
|
||||
|
||||
<para>The second letter determines what the range refers
|
||||
to.<blockquote>
|
||||
<para><emphasis role="bold">B</emphasis> - Bytes</para>
|
||||
|
||||
<para><emphasis role="bold">P</emphasis> - Packets</para>
|
||||
|
||||
<para><emphasis role="bold">A</emphasis> - Average packet
|
||||
size.</para>
|
||||
</blockquote></para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><emphasis role="bold">HELPER -
|
||||
"<emphasis>helper</emphasis>"</emphasis></term>
|
||||
@ -576,4 +624,4 @@
|
||||
shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tos(5),
|
||||
shorewall-tunnels(5), shorewall-zones(5)</para>
|
||||
</refsect1>
|
||||
</refentry>
|
||||
</refentry>
|
||||
|
Loading…
Reference in New Issue
Block a user